<?php
include('class/class_connect.php');
include('class/class_page.php');
include('class/city_rus.php');
include('class/class_form.php');
include('class/class_workdays.php');
include('class/class_checkGetData.php');
include('class/class_geo.php');
include('class/class_checkAddress.php');
// Pass every query-string value through checkGetData::safetyCheck() before the
// rest of the script reads $_GET. Only $_GET is filtered here: the $_POST
// values used further down do not go through this check.
// NOTE(review): safetyCheck() is defined in class_checkGetData.php; what it
// strips or rejects is not visible from this file - confirm before relying on
// it as the only protection for values placed in SQL, paths or HTML.
$_GET=array_map(array('checkGetData', 'safetyCheck'), $_GET);
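// Request validation, login check and ownership check for the edit page.
$cityRus=new city_rus_class;
$aCheckData=new checkGetData('m');
// NOTE(review): checkCity() and checkTableId() are defined in class_checkGetData.php
// and are not visible here. $_GET['city'] is later used as a table name and as a
// directory name, so these calls presumably reject unknown cities/ids - confirm.
$aCheckData->checkCity($_GET['city']);
$aCheckData->checkTableId($_GET['city'], $_GET['id']);
session_start();
if(empty($_SESSION['login']))
{
	// Not logged in: redirect to the registration page and stop processing.
	header('location: registr.php?city='.rawurlencode($_GET['city']));
	exit;
}
$aConnect=new connect('m');
// NOTE(review): the id is concatenated into the WHERE clause. This is only safe if
// safetyCheck()/checkTableId() guarantee it contains no quote characters - confirm,
// or escape/cast it once the connect class exposes a way to do so.
$row=mysql_fetch_array($aConnect->select_all($_GET['city'], "WHERE id='".$_GET['id']."'"));
// Only the owner of the record may edit it. A missing row counts as "not the owner".
// Strict comparison is used so that numeric-looking logins such as "1e3" and "1000"
// are not treated as equal by PHP's loose string comparison.
$rowOwner=is_array($row) ? strtolower($row['user']) : '';
if($rowOwner!==strtolower($_SESSION['login']))
{
	echo ('
	<center>
		<h1>У Вас нет доступа к запрашиваемой странице!</h1>
		<a href="index.php">На главную</a>
		</center>
	');
	// Stop here: without this the POST handler below would still update the
	// record and the edit form would still be rendered for a non-owner.
	exit;
}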
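// Handle a submitted edit form: validate the posted fields, write the changed
// columns to the city table, keep the owner's "malls" list in sync with a
// renamed centre, move a freshly uploaded logo into place, then redirect.
// NOTE(review): no anti-CSRF token is checked before the update - consider adding one.
$aForm=new form();
$warning=false;
if(!empty($_POST['editMalls']))
{
	$checkAddress=new checkAddress;
	// Each checkInput() call runs only while no earlier field has produced a warning.
	$warning=$aForm->checkInput($_POST['city'], 'город', 'city', '', 40, 3, "/^[-a-zA-Z0-9_]+$/", '', '');
	if(!$warning && isset($_POST['name']))
		$warning=$aForm->checkInput($_POST['name'], 'название', 'name', $row['name'], 40, 1, "", "\" ` ^ ~ < > \r\n", 'o (Только русские и английские буквы и цифры и -!@#*?&$()\'.,)');
	if(!$warning && isset($_POST['short']))
		$warning=$aForm->checkInput($_POST['short'], 'краткое описание', 'short', $row['short'], 40, 2, "", "\" ` ^ ~ < > \r\n", 'o (Только русские и английские буквы и цифры и -@#&()\'.,)');
	if(!$warning && isset($_POST['link']) && $_POST['link']!='')
		$warning=$aForm->checkInput($_POST['link'], 'веб-сайт', 'link', $row['link'], 30, 5, "", ", \" ` ^ ~ < > \r\n ! № % : ?   =  $ &  [ ] / + \\ { } [ ] ;  \'", ' (Только буквы,цифры и -_.)');
	if(!$warning && isset($_POST['street1']))
		$warning=$aForm->checkInput($_POST['street1'], 'поле "улица"', 'street1', $row['street1'], 40, 3, "", ", \"` ^ ~ < > \r\n ! № % : ? * ( ) + = # $ & q w e r t y u i p [ ] a s d f g h j k l ; z x c v b n m ", 'о (Только русские буквы и цифры тире и точка)');
	if(!$warning && isset($_POST['building1']))
		$warning=$aForm->checkInput($_POST['building1'], 'дом', 'building1', $row['building1'], 6, 1, "", ", \" ` ^ ~ < > \r\n ! № % : ? * ( ) + = # $ & q w e r t y u i p [ ] a s d f g h j k l ; z x c v b n m ", ' (Только русские буквы и цифры тире и точка)');
	// The guard used to test $_POST['phone1'] while the value validated and stored is
	// $_POST['phone'], so a posted phone number could be saved without validation.
	if(!$warning && isset($_POST['phone']) && $_POST['phone']!='')
		$warning=$aForm->checkInput($_POST['phone'], 'телефон', 'phone', $row['phone'], 20, 7, "", ", \" ` ^ ~ < > \r\n ! № % : ?   =  $ &  [ ] ", ' (Только буквы,цифры и +()-)');
	// Same problem here: the value stored below is $_POST['text_title'], but the check
	// used to read $_POST['textTitle'] and $row['textTitle'].
	// NOTE(review): the field-name argument is left as 'textTitle'; what checkInput()
	// does with it is not visible here - confirm whether it should be 'text_title'.
	if(!$warning && isset($_POST['text_title']) && $_POST['text_title']!='')
		$warning=$aForm->checkInput($_POST['text_title'], 'заголовок текста', 'textTitle', $row['text_title'], 50, 1, "", " \" \r\n ` ^ ~", ' (все символы кроме "`^~)');
	if(!$warning && isset($_POST['stext']) && $_POST['stext']!='')
		$warning=$aForm->checkInput($_POST['stext'], 'текст', 'stext', $row['stext'], 3000, 10, "", " \" ` ^ ~", ' (все символы кроме "`^~)');
	if(!$warning)
	{
		$position=geo::getPositionByAddress($cityRus->city_rus_im($_POST['city']), $_POST['street1'], $_POST['building1']);
		// Collect only the columns that were actually submitted. The keys are fixed
		// here, so column names never come from the request.
		$data=array();
		if(!empty($_POST['name']))$data['name']=$_POST['name'];
		if(!empty($_POST['short']))$data['short']=$_POST['short'];
		if(!empty($_POST['link']))$data['link']=$_POST['link'];
		if(!empty($_POST['street1']) && !empty($_POST['building1']))$data['address']=$checkAddress->checkStreet($_POST['street1']).', '.$checkAddress->checkBuilding($_POST['building1']);
		if($position)$data['positions']=$position;
		if(!empty($_POST['phone']))$data['phone']=$_POST['phone'];
		if(workdays::getWorkdays(1)!=$row['workdays'])$data['workdays']=workdays::getWorkdays(1);
		if(!empty($_POST['text_title']))$data['text_title']=$_POST['text_title'];
		if(!empty($_POST['stext']))$data['stext']=$_POST['stext'];
		if($data)
		{
			// Values are posted by the user and the validation above allows the single
			// quote in several fields, so every value is escaped before it is placed
			// inside the quoted SQL literal.
			// NOTE(review): if magic_quotes_gpc is enabled on the host, posted values
			// arrive pre-slashed and would be escaped twice - confirm the setting.
			$dataToUpdate=array();
			foreach($data as $tableEl=>$value)
			{
				$dataToUpdate[]=$tableEl."='".mysql_real_escape_string((string)$value)."'";
			}
			$aConnect->update_data($_GET['city'], implode(', ', $dataToUpdate), "WHERE id='".mysql_real_escape_string((string)$row['id'])."'");
			if(!empty($_POST['name']) && $_POST['name']!=$row['name'])
			{
				// The users table keeps a comma-separated list of "^"-delimited entries;
				// the entry whose second field is this centre's id gets the new name.
				// NOTE(review): the name validation allows ",", which is also the list
				// separator here - a name containing a comma would corrupt the list.
				$aConnect=new connect('main');
				$loginSql=mysql_real_escape_string((string)$_SESSION['login']);
				$aRow=mysql_fetch_array($aConnect->select_all('users', "WHERE login='".$loginSql."'"));
				if($aRow['malls'])
				{
					$mallsArray=explode(',', $aRow['malls']);
					for($i=0; $i<count($mallsArray); $i++)
					{
						$mallsInfoArray=explode('^', $mallsArray[$i]);
						if(isset($mallsInfoArray[1]) && $mallsInfoArray[1]==$row['id'])$mallsInfoArray[2]=$_POST['name'];
						$mallsArray[$i]=implode('^', $mallsInfoArray);
					}
					$newMalls=implode(',', $mallsArray);
					// Written only when a list exists; previously an undefined $newMalls
					// was sent to the database when the list was empty.
					$aConnect->update_data('users', "malls='".mysql_real_escape_string($newMalls)."'", "WHERE login='".$loginSql."'");
				}
			}
		}
		// The upload name is generated by the page as 'temp' followed by digits.
		// Accept only that shape, so a posted value cannot point rename() at an
		// arbitrary path on the server.
		// NOTE(review): presumably the upload script stores the file under exactly
		// this name in the current directory - confirm against the upload handler.
		if(isset($_POST['imgName']) && is_string($_POST['imgName']) && preg_match('/^temp[0-9]+$/', $_POST['imgName']))
		{
			if(file_exists($_POST['imgName'].'.jpg'))
			{
				rename($_POST['imgName'].'.jpg', 'pictures/mallspics/'.$_GET['city'].'/'.$row['id'].'.jpg');
			}
		}
		header('location: mallscabinet.php?city='.rawurlencode($_GET['city']).'&id='.rawurlencode($row['id']));
		// Stop after the redirect instead of rendering the edit page as well.
		exit;
	}
}
$aForm=new  form();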
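/**
 * Edit page for one shopping centre.
 *
 * Renders the breadcrumb, the current values of the record and the edit form.
 * Everything taken from the request or from the database row is HTML-escaped
 * (or URL-encoded inside links) before it is written into the page.
 * NOTE(review): htmlspecialchars() is called without a charset argument and so
 * uses the PHP default; pass the page encoding explicitly if it differs.
 */
class aFirmPage extends page
{
	// Validation message from the POST handler; falsy when there is none.
	public $warning;
	// Database row of the centre being edited.
	public $row=array();
	/**
	 * @param mixed $warning validation message to show above the form
	 * @param mixed $row     database row of the centre (array, or false when not found)
	 */
	function __construct($warning, $row=array())
	{
		$this->warning=$warning;
		$this->row=$row;
		parent::__construct();
	}
	/** Prints the page title with the centre's name. */
	function title()
	{
		$name=isset($this->row['name']) ? (string)$this->row['name'] : '';
		echo 'Редактировать Торговый центр '.htmlspecialchars($name, ENT_QUOTES);
	}
	/** Prints the breadcrumb and the edit form. */
	function maincontent()
	{
		$aForm=new  form();
		$aForm->includeStyle();
		$aForm->includeScript();
		$aWorkdays=new workdays();

		// Request values, prepared once for the contexts they are printed in.
		$city=isset($_GET['city']) ? (string)$_GET['city'] : '';
		$id=isset($_GET['id']) ? (string)$_GET['id'] : '';
		$cityUrl=rawurlencode($city);
		$idUrl=rawurlencode($id);
		$cityAttr=htmlspecialchars($city, ENT_QUOTES);
		// $_POST is not filtered anywhere in this script, so the posted image name
		// is treated as untrusted text and escaped wherever it is printed.
		$postedImg=(isset($_POST['imgName']) && is_string($_POST['imgName'])) ? $_POST['imgName'] : '';

		// Database values, escaped for use both as text and inside attributes.
		// NOTE(review): text_title and stext are treated as plain text here; if the
		// site stores markup in them on purpose, this will show it literally.
		$safe=array();
		foreach(array('name', 'short', 'link', 'address', 'phone', 'workdays', 'text_title', 'stext') as $column)
		{
			$safe[$column]=htmlspecialchars(isset($this->row[$column]) ? (string)$this->row[$column] : '', ENT_QUOTES);
		}
		$rowId=isset($this->row['id']) ? (string)$this->row['id'] : '';

		// Name under which a new logo upload will be stored until the form is saved.
		$imgName='temp'.rand();
		$avatar='pictures/nologo.jpg';
		if(file_exists('pictures/mallspics/'.$city.'/'.$rowId.'.jpg'))
			 $avatar='pictures/mallspics/'.$city.'/'.$rowId.'.jpg';
		if($postedImg)
		{
			// A logo uploaded during a failed submission is shown as the preview.
			$avatar=$postedImg.'.jpg';
		}
		// NOTE(review): $this->warning is printed unescaped because checkInput() may
		// return markup; confirm it never echoes user input back unescaped.
		echo ('
		<script type="text/javascript" src="scripts/editMalls.js">
		</script>
		<script type="text/javascript" src="jquery/ajaxUpload.js">
  		</script>
		<link rel="stylesheet" type="text/css" href="style/addmalls.css" />
		<div class="route">
			<div class="routeEl">
				<a href="pcabinet.php?city='.$cityUrl.'">Личный кабинет</a>
			</div>
			<div class="routeEl">
				<a href="my_malls.php?city='.$cityUrl.'">Мои центры</a>
			</div>
			<div class="routeEl">
				<a href="mallscabinet.php?city='.$cityUrl.'&id='.$idUrl.'">'.$safe['name'].'</a>
			</div>
			<div class="routeEl">
				Редактировать центр
			</div>
		</div>
		  <div class="form" align="center">
		  <h3>Редактировать '.$safe['short'].' '.$safe['name'].'</h3>
		   <form method="post" id="editMalls" name="editProfile" action="" autocomplete="off">
		   		<input name="city" type="hidden" value="'.$cityAttr.'" id="city">
		   		<center id="warning">&nbsp;'.$this->warning.'</center>
		   		<div class="myform">
			   		<div class="signature">
			   	 		Логотип:
			   	 	</div>
			   		<div id="avatar">
				     	<div id="upload">
				 			<span id="span" class="loadButton" imgName="'.$imgName.'">Изменить</span>
				 		</div>
				 		<div id="preview">
		   	 				<img src="'.htmlspecialchars($avatar, ENT_QUOTES).'" />
		   	 				<input type="hidden" name="imgName" value="'.htmlspecialchars($postedImg, ENT_QUOTES).'" />
		   	 				<span id="status"></span>
				    	</div>
			   	 	</div>
		   	 	</div>
		   	 	<div class="myform">
			   	 	<div class="signature">
			   	 		Название:
			   	 	</div>
			   		<div id="name" class="edit" value="'.$safe['name'].'">
			   			'.$safe['name'].'<br /><but class="but">изменить</but>
			   		</div>
				</div>
		   	 	<div class="myform">
			   		<div class="signature">
			   	 		Краткое описание:
			   	 	</div>
			   		<div id="short" class="edit" value="'.$safe['short'].'">
			   			'.$safe['short'].'<br /><but class="but">изменить</but>
			   		</div>
				</div>
				<div class="myform">
			   		<div class="signature">
			   	 		Веб-сайт:
			   	 	</div>
			   		<div id="link" class="edit" value="'.$safe['link'].'">
			   			'.$safe['link'].'<br /><but class="but">изменить</but>
			   		</div>
				</div>
		   	 	<div class="myform">
			   		<div class="signature">
			   	 		Адрес:
			   	 	</div>
		');
				// The address is editable only while the row's "firms" field is empty.
				if(empty($this->row['firms']))
				{
					echo ('
				   		<div id="address" class="edit" value="'.$safe['address'].'">
				   			'.$safe['address'].'<br /><but class="but">изменить</but>
				   		</div>
					');
				}
				else
					echo '<no>не изменяется</no>';
        echo ('
				</div>
		   	 	<div class="myform">
			   		<div class="signature">
			   	 		Телефон:
			   	 	</div>
			   		<div id="phone" class="edit" value="'.$safe['phone'].'">
			   			'.$safe['phone'].'<br /><but class="but">изменить</but>
			   		</div>
				</div>
		   	 	<div class="myform">
			   		<div class="signature">
			   	 		Часы работы:
			   	 	</div>
			   		<div id="workdays" class="edit" value="'.$safe['workdays'].'">
			   			');
			   			// The working-hours editor prints its own markup from the stored value.
			   			$aWorkdays->editWorkdays(isset($this->row['workdays']) ? $this->row['workdays'] : null, 1);
			   			echo ('
			   		</div>
				</div>
		   	 	<div class="myform">
			   		<div class="signature">
			   	 		Заголовок текста:
			   	 	</div>
			   		<div id="text_title" class="edit" value="'.$safe['text_title'].'">
			   			'.$safe['text_title'].'<br /><but class="but">изменить</but>
			   		</div>
			   		<br /><br />
			   		<div class="signature">
			   	 		Текст:
			   	 	</div>
			   		<div id="text" class="edit" value="'.$safe['stext'].'">
			   			'.$safe['stext'].'<br /><but class="but">изменить</but>
			   		</div>

				</div>
                <input type="submit" value="Сохранить" class="button button-blue" name="editMalls">
		   </form>
		  </div>
		');
	}
}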

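// $warning is assigned only while a submitted form is being processed; on a
// plain page view it does not exist, so pass null instead of reading an
// undefined variable.
$aPage=new aFirmPage(isset($warning) ? $warning : null, $row);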

?>